<?php
	header("Expires: Thu, 17 May 2001 10:17:17 GMT");    // Date in the past
  	header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
	header ("Cache-Control: no-cache, must-revalidate");  // HTTP/1.1
	header ("Pragma: no-cache");                          // HTTP/1.0
	session_start();
	if (isset($_POST))
{
 /* foreach ($_POST as $key => $value ){
	  print $key." ";
	  }echo '<br />';
}
if (isset($_SESSION))
{
  foreach ($_SESSION as $key => $value ){
	  print $key."<br />";
	  }
} */     
	if (!isset($_SESSION['SESSION'])) require ( "session_init.php");	
	// make sure post parameters were sent...
	$username1 = $_POST['username'];
	if (isset($username1))	 
	if (isset($_POST['password']))
	{
		$password1 =md5(md5( $_POST['password']));	
		$_SESSION['USERNAME'] = $username1;
	}
	// form variables must have something in them...
	if ($username1 == "" || $password1 == "" ) { header("Location: signin.php?flg=red&username1=".$username1); exit; }

	$server	    = 'localhost';
	$username	= 'root';
	$password	= 'grouptwo';
	$database	= 'tinkenawo_users';
	$connect=mysql_connect($server, $username, $password);
 	if(!$connect)
	{
 		exit('Error: can not connect to the server'); 
 	}
	$select=mysql_select_db($database);
	if(!$select)
	{
 	  exit('Error: can not select the database');
	} 	
	// check in database...
	 $query =  "SELECT * FROM `temp_users` WHERE `user_name`='$username1'AND `user_pass`='$password'";
	 
	 //echo $query;
	  
	$result = mysql_query($query) or die("Invalid query: " . mysql_error());
		
		// if userid is not present in DB go back to login page...
		//if (mysqli_affected_rows() != 1) { header("Location: signin.php?flg=red&userid=".$userid); exit; }
		
		// check for password, active state, user type, and then send to appropriate section...
	if ($row = mysqli_fetch_assoc($result)) {
			// echo $row['sPassword'] . "<br>" . md5($passwd);
			
			 
	$server	    = 'localhost';
	$username	= 'root';
	$password	= 'grouptwo';
	$database	= 'tinkenawo_users';
	$connect=mysql_connect($server, $username, $password);
 	if(!$connect)
	{
 		exit('Error: can not connect to the server'); 
 	}
	$select=mysql_select_db($database);
	if(!$select)
	{
 	  exit('Error: can not select the database');
	} 	
			 $query1 =  "UPDATE `temp_users` SET `user_active`=1";
			 mysqli_query($query1);	
			// set standard session variables...
			$_SESSION['LOGIN_TYPE'] = $row['user_type'];;
			$_SESSION['USERNAME'] = $username1;
			$_SESSION['EMAIL'] = $row['user_email'];;
			$_SESSION['LOGGEDIN'] = true;
			$_SESSION['FNAME'] = $row['user_fname'];
			$_SESSION['LNAME'] = $row['user_lname'];
			include'close_connect.php';			
			header("Location: home.php");
			exit;
	} 
	else 
	{
		header("Location: signin.php?flg=red&username=".$username1); exit;
	}		
}
?>
